Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit dad5032

Browse files
CasassarnauCasassarnau
committed
Fixed permission bugs
1 parent 56d492d commit dad5032

6 files changed

Lines changed: 45 additions & 24 deletions

File tree

app/template.py

Lines changed: 5 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,13 +10,15 @@ def get_main_nav(request):
1010
if getattr(settings, 'HACKATHON_LANDING', None) is not None:
1111
nav.append(('Landing page', getattr(settings, 'HACKATHON_LANDING')))
1212
return nav
13-
if not request.user.is_organizer():
13+
if request.user.is_organizer():
14+
nav.extend([('Review', reverse('application_review')), ])
15+
else:
1416
if getattr(settings, 'HACKATHON_LANDING', None) is not None:
1517
nav.append(('Landing page', getattr(settings, 'HACKATHON_LANDING')))
16-
return nav
1718
if request.user.is_staff:
1819
nav.append(('Admin', reverse('admin:index')))
19-
nav.extend([('Review', reverse('application_review')), ('Checkin', reverse('checkin_list'))])
20+
if request.user.has_module_perms('event'):
21+
nav.append(('Checkin', reverse('checkin_list')))
2022
return nav
2123

2224

application/models.py

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -241,7 +241,6 @@ class Meta:
241241
('can_invite_application', _('Can invite application')),
242242
('can_review_dubious_application', _('Can review dubious application')),
243243
('can_review_blocked_application', _('Can review blocked application')),
244-
('can_checkin_application', _('Can checkin application')),
245244
)
246245

247246

event/apps.py

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -4,3 +4,30 @@
44
class EventConfig(AppConfig):
55
default_auto_field = 'django.db.models.BigAutoField'
66
name = 'event'
7+
8+
def create_new_permissions(self):
9+
from django.contrib.contenttypes.models import ContentType
10+
from django.contrib.auth.models import Permission
11+
12+
from application.models import ApplicationTypeConfig
13+
14+
permissions = ['can_checkin', ]
15+
16+
content_type = ContentType.objects.get_or_create(app_label='event', model='event')[0]
17+
18+
for permission in permissions:
19+
name = permission.replace('_', ' ').capitalize()
20+
Permission.objects.get_or_create(codename=permission, defaults={'name': 'Can checkin',
21+
'content_type': content_type})
22+
application_types = ApplicationTypeConfig.objects.all()
23+
for application_type in application_types:
24+
Permission.objects.get_or_create(
25+
codename='%s_%s' % (permission, application_type.name.lower()),
26+
defaults={'name': name + ' ' + application_type.name.lower(),
27+
'content_type': content_type})
28+
29+
def ready(self):
30+
try:
31+
self.create_new_permissions()
32+
except:
33+
pass

event/templates/checkin_user.html

Lines changed: 9 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -52,13 +52,19 @@
5252
</div>
5353
</form>
5454
{% else %}
55-
<h2 class="text-danger">{% translate 'You have no permission to check-in some of those types' %}</h2>
55+
<div class="alert alert-danger text-center" role="alert">
56+
{% translate 'You have no permission to check-in some of those types' %}
57+
</div>
5658
{% endif %}
5759
{% else %}
58-
<h2 class="text-danger text-center">{% translate 'This user is not invited' %}</h2>
60+
<div class="alert alert-danger text-center" role="alert">
61+
{% translate 'This user is not invited' %}
62+
</div>
5963
{% endif %}
6064
{% else %}
61-
<h1 class="text-center">{% translate 'No user found' %}</h1>
65+
<div class="alert alert-danger text-center" role="alert">
66+
{% translate 'No user found' %}
67+
</div>
6268
{% endif %}
6369
</div>
6470
</div>

event/views.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@
1616

1717

1818
class CheckinList(AnyApplicationPermissionRequiredMixin, SingleTableMixin, FilterView):
19-
permission_required = 'can_checkin_application'
19+
permission_required = 'event.can_checkin'
2020
template_name = 'checkin_list.html'
2121
table_class = CheckinTable
2222
filterset_class = CheckinTableFilter
@@ -27,7 +27,7 @@ class CheckinUser(TemplateView):
2727
template_name = 'checkin_user.html'
2828

2929
def has_permission(self, types):
30-
permission = 'can_checkin_application'
30+
permission = 'event.can_checkin'
3131
if self.request.user.has_perm(permission):
3232
return True
3333
for application_type in types:

user/admin.py

Lines changed: 2 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -6,20 +6,7 @@
66
from user.models import User, BlockedUser, LoginRequest
77

88

9-
class PermissionQuerysetMixin:
10-
permission_field_name = ''
11-
12-
def formfield_for_manytomany(self, db_field, request=None, **kwargs):
13-
if db_field.name == self.permission_field_name:
14-
qs = kwargs.get("queryset", db_field.remote_field.model.objects)
15-
# Avoid a major performance hit resolving permission names which
16-
# triggers a content_type load:
17-
kwargs["queryset"] = qs.filter(content_type__app_label='application',
18-
content_type__model__in=['application', 'applicationlog'])
19-
return super().formfield_for_manytomany(db_field, request=request, **kwargs)
20-
21-
22-
class UserAdmin(PermissionQuerysetMixin, BaseUserAdmin):
9+
class UserAdmin(BaseUserAdmin):
2310
permission_field_name = "user_permissions"
2411

2512
# The forms to add and change user instances
@@ -50,7 +37,7 @@ class UserAdmin(PermissionQuerysetMixin, BaseUserAdmin):
5037
filter_horizontal = ()
5138

5239

53-
class GroupAdmin(PermissionQuerysetMixin, BaseGroupAdmin):
40+
class GroupAdmin(BaseGroupAdmin):
5441
permission_field_name = 'permissions'
5542

5643

0 commit comments

Comments
 (0)